package com.qf.shiro20230208.config;


import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.qf.shiro20230208.dao.UserDao;
import com.qf.shiro20230208.entity.User;

import com.qf.shiro20230208.permission.service.ITRoleService;
import com.qf.shiro20230208.permission.service.ITUserRoleService;
import com.qf.shiro20230208.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.Arrays;
import java.util.List;

public class CustomRealm extends AuthorizingRealm {
    @Autowired
    UserDao userDao;
    @Autowired
    UserService userService;
    @Autowired
    ITRoleService itRoleService;
    @Autowired
    ITUserRoleService userRoleService;

//           通过这个方法给shiro提供当前用户认证信息
//           @param authenticationToken
//           @return
//           @throws AuthenticationException
//
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println(authenticationToken);

        //根据token中提供的用户信息，去数据库中查询对应用户
        //获取用户名
        final String username = (String) authenticationToken.getPrincipal();

        final User user = getUserFromDB(username);

        if(user == null){
            throw new UnknownAccountException("用户不存在");
        }
        //第一个数据可以放入对象也可以放用户名，会影响从shiro获取用户信息所获取到的对象，如果第一个是对象，后面的也是对象
        //第二个放入用户密码
        //第三个放入当前提供信息的realm的名字
        final SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(user, user.getPassword(), this.getName());


        return simpleAuthenticationInfo;
    }

    /**
     * 通过这个方法向shiro提供当前用户的权限相关信息
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println(principalCollection);

        final User principal = (User) principalCollection.getPrimaryPrincipal();

        List<String> roles = getRolesForDB(principal);

        List<String> prems = getPermsFornDB(principal);

        final SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        info.addRole("admin");
        info.addRoles(roles);
//        info.addStringPermission("order:get");
        info.addStringPermissions(prems);


        return info;
    }

    private List<String> getPermsFornDB(User principal) {


        final List<Object> list = userRoleService.listObjs();


        return Arrays.asList("order:get","order:update","order:save:*");
    }

    private List<String> getRolesForDB(User principal) {
        return Arrays.asList("admin","normal");
    }

    private User  getUserFromDB(String name){
        final User user1 = userService.getOne(new QueryWrapper<User>().eq("name", name));



        final User user = new User();
        user.setId(1);
        user.setName(name);
        user.setPassword("123");

        return user;
    }
}
